head 1.10; access; symbols pkgsrc-2013Q2:1.10.0.42 pkgsrc-2013Q2-base:1.10 pkgsrc-2012Q4:1.10.0.40 pkgsrc-2012Q4-base:1.10 pkgsrc-2011Q4:1.10.0.38 pkgsrc-2011Q4-base:1.10 pkgsrc-2011Q2:1.10.0.36 pkgsrc-2011Q2-base:1.10 pkgsrc-2009Q4:1.10.0.34 pkgsrc-2009Q4-base:1.10 pkgsrc-2008Q4:1.10.0.32 pkgsrc-2008Q4-base:1.10 pkgsrc-2008Q3:1.10.0.30 pkgsrc-2008Q3-base:1.10 cube-native-xorg:1.10.0.28 cube-native-xorg-base:1.10 pkgsrc-2008Q2:1.10.0.26 pkgsrc-2008Q2-base:1.10 pkgsrc-2008Q1:1.10.0.24 pkgsrc-2008Q1-base:1.10 pkgsrc-2007Q4:1.10.0.22 pkgsrc-2007Q4-base:1.10 pkgsrc-2007Q3:1.10.0.20 pkgsrc-2007Q3-base:1.10 pkgsrc-2007Q2:1.10.0.18 pkgsrc-2007Q2-base:1.10 pkgsrc-2007Q1:1.10.0.16 pkgsrc-2007Q1-base:1.10 pkgsrc-2006Q4:1.10.0.14 pkgsrc-2006Q4-base:1.10 pkgsrc-2006Q3:1.10.0.12 pkgsrc-2006Q3-base:1.10 pkgsrc-2006Q2:1.10.0.10 pkgsrc-2006Q2-base:1.10 pkgsrc-2006Q1:1.10.0.8 pkgsrc-2006Q1-base:1.10 pkgsrc-2005Q4:1.10.0.6 pkgsrc-2005Q4-base:1.10 pkgsrc-2005Q3:1.10.0.4 pkgsrc-2005Q3-base:1.10 pkgsrc-2005Q2:1.10.0.2 pkgsrc-2005Q2-base:1.10 pkgsrc-2005Q1:1.6.0.2 pkgsrc-2005Q1-base:1.6 pkgsrc-2004Q4:1.5.0.2 pkgsrc-2004Q4-base:1.5 pkgsrc-2004Q3:1.4.0.2 pkgsrc-2004Q3-base:1.4 pkgsrc-2004Q2:1.3.0.4 pkgsrc-2004Q2-base:1.3 pkgsrc-2004Q1:1.3.0.2 pkgsrc-2004Q1-base:1.3 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.10 date 2005.04.18.14.25.46; author wiz; state dead; branches; next 1.9; 1.9 date 2005.04.16.12.47.22; author tron; state Exp; branches; next 1.8; 1.8 date 2005.03.24.08.53.25; author tron; state Exp; branches; next 1.7; 1.7 date 2005.03.22.10.17.50; author tron; state Exp; branches; next 1.6; 1.6 date 2005.02.27.03.50.11; author grant; state Exp; branches 1.6.2.1; next 1.5; 1.5 date 2004.10.04.11.28.45; author wiz; state Exp; branches; next 1.4; 1.4 date 2004.09.20.15.48.58; author erh; state Exp; branches; next 1.3; 1.3 date 2004.03.05.14.48.08; author grant; state Exp; branches; next 1.2; 1.2 date 2004.03.05.14.06.27; author grant; state Exp; branches; next 1.1; 1.1 date 2004.02.09.10.36.54; author grant; state Exp; branches 1.1.1.1; next ; 1.6.2.1 date 2005.03.22.19.13.56; author snj; state Exp; branches; next 1.6.2.2; 1.6.2.2 date 2005.03.24.17.38.49; author snj; state Exp; branches; next 1.6.2.3; 1.6.2.3 date 2005.04.16.14.10.21; author salo; state Exp; branches; next 1.6.2.4; 1.6.2.4 date 2005.05.16.12.17.06; author salo; state Exp; branches; next ; 1.1.1.1 date 2004.02.09.10.36.54; author grant; state Exp; branches; next ; desc @@ 1.10 log @Remove firefox-gtk2-bin* packages, now that firefox-gtk2-bin has been renamed to firefox-bin. @ text @# $NetBSD: Makefile,v 1.9 2005/04/16 12:47:22 tron Exp $ MOZILLA= firefox MOZ_VER= 1.0.3 MOZ_DISTVER= ${MOZ_VER} HOMEPAGE= http://www.mozilla.org/projects/firefox/ COMMENT= Lightweight gecko-based web browser (gtk2 binary pkg) MOZ_GTK2= YES DIST_SUBDIR= ${MOZILLA}-gtk2/${MOZ_DISTDIR} ONLY_FOR_PLATFORM+= Linux-*-i386 .include "../../www/mozilla-bin/Makefile.common" @ 1.9 log @Update "firefox-gtk2-bin" package to version 1.0.3. The new version fixes the following security issues: MFSA 2005-33 Javascript "lambda" replace exposes memory contents MFSA 2005-34 javascript: PLUGINSPAGE code execution MFSA 2005-35 Showing blocked javascript: popup uses wrong privilege context MFSA 2005-36 Cross-site scripting through global scope pollution MFSA 2005-37 Code execution through javascript: favicons MFSA 2005-38 Search plugin cross-site scripting MFSA 2005-39 Arbitrary code execution from Firefox sidebar panel II MFSA 2005-40 Missing Install object instance checks MFSA 2005-41 Privilege escalation via DOM property overrides @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.8 2005/03/24 08:53:25 tron Exp $ @ 1.8 log @Update "firefox-gtk2-bin" package to version 1.0.2. The new version fixes the following security issues: MFSA 2005-32 Drag and drop loading of privileged XUL MFSA 2005-31 Arbitrary code execution from Firefox sidebar panel MFSA 2005-30 GIF heap overflow parsing Netscape extension 2 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.7 2005/03/22 10:17:50 tron Exp $ d4 1 a4 1 MOZ_VER= 1.0.2 @ 1.7 log @Update "firefox-gtk2-bin" package to version 1.0.1. Besides various bug fixes the following security issuses were fixed: MFSA 2005-29 Internationalized Domain Name (IDN) homograph spoofing MFSA 2005-28 Unsafe /tmp/plugtmp directory exploitable to erase user's files MFSA 2005-27 Plugins can be used to load privileged content MFSA 2005-26 Cross-site scripting by dropping javascript: link on tab MFSA 2005-25 Image drag and drop executable spoofing MFSA 2005-24 HTTP auth prompt tab spoofing MFSA 2005-23 Download dialog source spoofing MFSA 2005-22 Download dialog spoofing using Content-Disposition header MFSA 2005-21 Overwrite arbitrary files downloading .lnk twice MFSA 2005-20 XSLT can include stylesheets from arbitrary hosts MFSA 2005-19 Autocomplete data leak MFSA 2005-18 Memory overwrite in string library MFSA 2005-17 Install source spoofing with user:pass@@host MFSA 2005-16 Spoofing download and security dialogs with overlapping windows MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion MFSA 2005-14 SSL "secure site" indicator spoofing MFSA 2005-13 Window Injection Spoofing @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.6 2005/02/27 03:50:11 grant Exp $ d4 1 a4 1 MOZ_VER= 1.0.1 @ 1.6 log @update firefox-gtk2-bin to 1.0. changes since 1.0preview1 are same as for www/firefox. - deal with Linux binaries having a different directory structure than others on the MASTER_SITES. - undo some brain damage when MOZILLA_USE_LINUX is defined. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.5 2004/10/04 11:28:45 wiz Exp $ d4 1 a4 1 MOZ_VER= 1.0 @ 1.6.2.1 log @Pullup ticket 379 - requested by Matthias Scheler security fix for firefox-gtk2-bin Revisions pulled up: - pkgsrc/www/firefox-gtk2-bin/Makefile 1.7 - pkgsrc/www/firefox-gtk2-bin/distinfo 1.8 Module Name: pkgsrc Committed By: tron Date: Tue Mar 22 10:17:50 UTC 2005 Modified Files: pkgsrc/www/firefox-gtk2-bin: Makefile distinfo Log Message: Update "firefox-gtk2-bin" package to version 1.0.1. Besides various bug fixes the following security issuses were fixed: MFSA 2005-29 Internationalized Domain Name (IDN) homograph spoofing MFSA 2005-28 Unsafe /tmp/plugtmp directory exploitable to erase user's files MFSA 2005-27 Plugins can be used to load privileged content MFSA 2005-26 Cross-site scripting by dropping javascript: link on tab MFSA 2005-25 Image drag and drop executable spoofing MFSA 2005-24 HTTP auth prompt tab spoofing MFSA 2005-23 Download dialog source spoofing MFSA 2005-22 Download dialog spoofing using Content-Disposition header MFSA 2005-21 Overwrite arbitrary files downloading .lnk twice MFSA 2005-20 XSLT can include stylesheets from arbitrary hosts MFSA 2005-19 Autocomplete data leak MFSA 2005-18 Memory overwrite in string library MFSA 2005-17 Install source spoofing with user:pass@@host MFSA 2005-16 Spoofing download and security dialogs with overlapping windows MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion MFSA 2005-14 SSL "secure site" indicator spoofing MFSA 2005-13 Window Injection Spoofing @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.6 2005/02/27 03:50:11 grant Exp $ d4 1 a4 1 MOZ_VER= 1.0.1 @ 1.6.2.2 log @Pullup ticket 384 - requested by Matthias Scheler security fix for firefox-gtk2-bin Revisions pulled up: - pkgsrc/www/firefox-gtk2-bin/Makefile 1.8 - pkgsrc/www/firefox-gtk2-bin/distinfo 1.9 Module Name: pkgsrc Committed By: tron Date: Thu Mar 24 08:53:25 UTC 2005 Modified Files: pkgsrc/www/firefox-gtk2-bin: Makefile distinfo Log Message: Update "firefox-gtk2-bin" package to version 1.0.2. The new version fixes the following security issues: MFSA 2005-32 Drag and drop loading of privileged XUL MFSA 2005-31 Arbitrary code execution from Firefox sidebar panel MFSA 2005-30 GIF heap overflow parsing Netscape extension 2 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.6.2.1 2005/03/22 19:13:56 snj Exp $ d4 1 a4 1 MOZ_VER= 1.0.2 @ 1.6.2.3 log @Pullup ticket 446 - requested by Matthias Scheler security fix for firefox-gtk2-bin Revisions pulled up: - pkgsrc/www/firefox-gtk2-bin/Makefile 1.9 - pkgsrc/www/firefox-gtk2-bin/distinfo 1.10 Module Name: pkgsrc Committed By: tron Date: Sat Apr 16 12:47:22 UTC 2005 Modified Files: pkgsrc/www/firefox-gtk2-bin: Makefile distinfo Log Message: Update "firefox-gtk2-bin" package to version 1.0.3. The new version fixes the following security issues: MFSA 2005-33 Javascript "lambda" replace exposes memory contents MFSA 2005-34 javascript: PLUGINSPAGE code execution MFSA 2005-35 Showing blocked javascript: popup uses wrong privilege context MFSA 2005-36 Cross-site scripting through global scope pollution MFSA 2005-37 Code execution through javascript: favicons MFSA 2005-38 Search plugin cross-site scripting MFSA 2005-39 Arbitrary code execution from Firefox sidebar panel II MFSA 2005-40 Missing Install object instance checks MFSA 2005-41 Privilege escalation via DOM property overrides @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.9 2005/04/16 12:47:22 tron Exp $ d4 1 a4 1 MOZ_VER= 1.0.3 @ 1.6.2.4 log @Pullup ticket 497 - requested by Matthias Scheler security update for firefox-gtk2-bin Updated by a patch. Module Name: pkgsrc Committed By: tron Date: Thu May 12 15:06:58 UTC 2005 Modified Files: pkgsrc/www/firefox-bin: Makefile distinfo Log Message: Update "firefox-bin" package to version 1.0.4. The following security issuses were fixed in this release: MFSA 2005-44 Privilege escalation via non-DOM property overrides MFSA 2005-43 "Wrapped" javascript: urls bypass security checks MFSA 2005-42 Code execution via javascript: IconURL @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.6.2.3 2005/04/16 14:10:21 salo Exp $ d4 1 a4 1 MOZ_VER= 1.0.4 @ 1.5 log @Update to 0.10.1, for security fix. No prebuilt binaries for Solaris or NetBSD available yet; for NetBSD, point to MOZILLA_USE_LINUX. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.4 2004/09/20 15:48:58 erh Exp $ d4 2 a5 5 MOZ_VER= 0.10.1 MOZ_DISTVER= 1.0PR # Added because 0.10 and 0.10.1 have the same distname. # Can be removed on update. DIST_SUBDIR= ${MOZILLA}-${MOZ_VER} d11 1 @ 1.4 log @Update firefox-gtk2-bin to 0.10 (aka 1.0PR) See commit log for www/firefox/Makefile-firefox.common for more details. Several security holes have been fixed. See the page below for details. http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.3 2004/03/05 14:48:08 grant Exp $ d4 1 a4 1 MOZ_VER= 0.10 d6 3 a15 1 ONLY_FOR_PLATFORM+= SunOS-5.[89]*-sparc @ 1.3 log @add Solaris/sparc build @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.2 2004/03/05 14:06:27 grant Exp $ d4 2 a5 1 MOZ_VER= 0.8 @ 1.2 log @simplify ONLY_FOR_PLATFORM @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.1.1.1 2004/02/09 10:36:54 grant Exp $ d12 1 @ 1.1 log @Initial revision @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.4 2004/01/31 16:47:26 grant Exp $ d11 1 a11 1 ONLY_FOR_PLATFORM+= Linux-*-i[3-6]86 @ 1.1.1.1 log @Initial import of Firefox 0.8 into The NetBSD Packages Collection. Mozilla Firebird has been renamed to Firefox, and this package obsoletes MozillaFirebird-gtk2-bin. changes since Firebird 0.7: * Download Manager The new streamlined download manager keeps your downloads organized without getting in your way. Select Tools > Downloads or press Ctrl+E to see it or change its behavior. * New Add Bookmark Dialog The Add Bookmark dialog has been enhanced and now allows the creation of new bookmark folders. * Work Offline It's now possible to view Web pages you've previously visited without being connected to the Internet. * Better Handling of File Types Binary files (e.g. .wma and .rar files) served by servers incorrectly sending text/plain should no longer be displayed as garbage in the browser, rather they should be appropriately handled. * New XPInstall Frontend The dialog that appears when installing themes and extensions has been redesigned and is easier to use. * Lots of bug fixes and improvements Disabling of form auto-completion is now working, the address bar now remembers the edited text across tab switching, among many other bug fixes. @ text @@